
What is DNS Spoofing? How to redirect traffic to fake website?

DNS spoofing is also known as DNS cache poisoning. It is a malicious technique used by attackers to divert legitimate traffic to the attacker's fake website for their own benefit.

DNS Spoofing

The main idea behind DNS spoofing is that the attacker introduces a corrupt domain name entry into the DNS resolver's cache, which causes the legitimate user to be sent to an incorrect IP address that is run by the attacker. This is the main method used by an attacker to redirect traffic to his fake website, and it is known as DNS spoofing.

A Domain Name Server (DNS) is a domain name resolution system that automatically converts a domain name (letters) to an IP address (numeric values). For example, when you type www.google.com in the URL bar, it is the duty of DNS to map the domain name to a specific IP address, e.g. 216.58.196.206. Now you know what DNS is.

For DNS spoofing, the attacker must be inside the particular network/LAN; if not, the attacker must first find a vulnerable computer to obtain a password and infiltrate the network. In an organization there are hundreds of computers, and a single vulnerable computer is enough to get access.

[Figure: DNS cache poisoning explained]

The above example clearly shows how the attacker replaced a particular website's IP address with the IP address of his own system, where the fake website is hosted.

What are the consequences of DNS Spoofing?

DNS spoofing has always been a major malicious way to take someone's business down. In fact, DNS spoofing is a type of attack that goes unnoticed by the company until some other company brings a product with the same features to market. Attackers targeting a particular company can spoof its DNS and secretly keep an eye on the emails going in or out.

What are the Mitigations?

  • Security should be built into DNS by the security team.
  • Security analysts must keep track of the latest DNS version and look for any vulnerability to DNS spoofing.
  • Security analysts must check the name servers against the domains used in the organization.

There is a lot more to be taken care of.
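
One way to act on the last mitigation, as an added example that is not part of the original article: compare the addresses a resolver returns for the organization's domains with a baseline of networks those names are expected to resolve into, and flag answers that fall outside it or point at a host on the local LAN. The domains, address ranges, LAN range, sample observations and function names are all assumptions constructed for this example.

```python
import ipaddress

# Assumed values, constructed for this example (documentation address ranges).
LAN = ipaddress.ip_network("10.0.0.0/24")   # the organization's own LAN
BASELINE = {                                # networks each name should resolve into
    "www.example.com": ["192.0.2.0/24"],
    "mail.example.com": ["203.0.113.0/28"],
}
# Constructed observations: (domain as queried, address the resolver returned)
OBSERVED = [
    ("www.example.com", "192.0.2.10"),
    ("mail.example.com", "10.0.0.77"),
    ("WWW.Example.com.", "198.51.100.9"),
    ("intranet.example.com", "10.0.0.12"),
]

def check_answer(domain, answer, baseline=BASELINE, lan=LAN):
    """Classify one resolver answer as ok, suspect or unknown."""
    name = domain.rstrip(".").lower()       # DNS names are case-insensitive
    expected = baseline.get(name)
    if expected is None:
        return "unknown", "no baseline for this name"
    try:
        ip = ipaddress.ip_address(answer)
    except ValueError:
        return "suspect", "answer is not a valid IP address"
    if any(ip in ipaddress.ip_network(net) for net in expected):
        return "ok", "inside expected network"
    if ip in lan:
        return "suspect", "public name resolves to a host on the local LAN"
    return "suspect", "outside expected networks"

def audit(observations):
    """Return (domain, answer, reason) for every suspect answer."""
    findings = []
    for domain, answer in observations:
        verdict, reason = check_answer(domain, answer)
        if verdict == "suspect":
            findings.append((domain, answer, reason))
    return findings

if __name__ == "__main__":
    for finding in audit(OBSERVED):
        print("SUSPECT", *finding)
```

Names without a baseline entry are reported as unknown rather than suspect, so the baseline has to cover every domain the organization depends on for the check to be useful.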

The other technique to keep an eye on and capture data on a LAN is ARP spoofing, also known as ARP poisoning. ARP spoofing is a malicious attack in which the attacker sends falsified ARP messages to a target over a local area network. Please read more about that in the link.


About Kamran Mohsin

Kamran Mohsin is a Certified Ethical Hacker, currently working as a Penetration Tester at a private company in Pakistan. He is also pursuing a Master's in Information Security. He has worked in web development (front end and back end) in recent years. Over time he took an interest in hacking and started writing blogs on information security in late 2015.
